Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: VPN+IPSEC

VPN+IPSEC 7 years 6 months ago #30557

  • asumi
  • asumi's Avatar
  • Offline
  • New Member
  • Posts: 4
  • Karma: 0
hi i tried to do vpn in 2 routers and but i could not establish the connection so i am posting my conf..
**********************************
hostname ho
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$HiLs$2Kk.zX3hYCo96cIc8lSOZ0
enable password 7 02050D480809
!
aaa new-model
!
!
!
aaa session-id common
!
!
ip cef
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key cisco123 address 192.168.2.2
!
!
crypto ipsec transform-set cisco esp-3des esp-md5-hmac
!
crypto map map1 6 ipsec-isakmp
set peer 192.168.2.2
set transform-set cisco
match address 100
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface Serial1/0
description **** Head Office ****
ip address 192.168.1.2 255.255.255.0
encapsulation ppp
serial restart-delay 0
crypto map map1
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
!
interface Ethernet2/0
ip address 172.168.1.1 255.255.0.0
duplex half
!
interface Ethernet2/1
no ip address
shutdown
duplex half
!
interface Ethernet2/2
no ip address
shutdown
duplex half
!
interface Ethernet2/3
no ip address
shutdown
duplex half
!
interface Ethernet2/4
no ip address
shutdown
duplex half
!
interface Ethernet2/5
no ip address
shutdown
duplex half
!
interface Ethernet2/6
no ip address
shutdown
duplex half
!
interface Ethernet2/7
no ip address
shutdown
duplex half
!
router rip
version 2
network 192.168.1.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
access-list 100 permit ip 172.168.1.0 0.0.255.255 172.168.2.0 0.0.255.255
!
!
control-plane
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
!
!
end
*********************************************
hostname npj
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
ip cef
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key cisco123 address 192.168.1.2
!
!
crypto ipsec transform-set cisco esp-3des esp-md5-hmac
!
crypto map map2 6 ipsec-isakmp
set peer 192.168.1.2
set transform-set cisco
match address 100
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface Serial1/0
ip address 192.168.2.2 255.255.255.0
encapsulation ppp
serial restart-delay 0
no fair-queue
crypto map map2
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
!
interface Ethernet2/0
ip address 172.168.2.1 255.255.0.0
duplex half
!
interface Ethernet2/1
no ip address
shutdown
duplex half
!
interface Ethernet2/2
no ip address
shutdown
duplex half
!
interface Ethernet2/3
no ip address
shutdown
duplex half
!
interface Ethernet2/4
no ip address
shutdown
duplex half
!
interface Ethernet2/5
no ip address
shutdown
duplex half
!
interface Ethernet2/6
no ip address
shutdown
duplex half
!
interface Ethernet2/7
no ip address
shutdown
duplex half
!
router rip
version 2
network 192.168.2.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
access-list 100 permit ip 172.168.2.0 0.0.255.255 172.168.1.0 0.0.255.255
!
!
!
control-plane
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
!
end
*********************************************
and i ping host "ho" with following command but ping reply is not successful:
ping 172.168.2.1 source 172.168.1.1 repeat 1000 size 1000

can anyone tell me what mistake i made
The administrator has disabled public write access.
Time to create page: 0.091 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup